Folder Backup Found

Description

During the scan, Kayran found possible backup files.
Anyone can download these files from the site.
Developers usually create such files to back up the server's files, and they might hold sensitive information.

These files may contain sensitive information about the site’s code, configuration files, usernames, passwords, etc.
This information might help attackers launch attacks against your assets later on.

Severity/Score

CVSS Version 3.x – 5.8 Medium

Recommendation

Make sure that the files do not contain sensitive information about the website or its source code.
If these files are not necessary, remove them or restrict access to them.
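
To act on this recommendation, the backup files and folders sitting under the document root have to be located first. The following is an added example, not Kayran's code: a local audit that walks a web root and lists backup candidates. The naming patterns and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumed naming patterns for backup artifacts; the advisory does not list any,
# so extend these to match how your team names backups.
BACKUP_FILE_RE = re.compile(
    r"(\.(bak|old|orig|save|swp|sql|zip|rar|7z|tar|tgz|gz|bz2)|~)$", re.IGNORECASE
)
BACKUP_DIR_RE = re.compile(
    r"^(backups?|bak|old|archive)$|[._-](bak|old|backup)$", re.IGNORECASE
)


def find_backup_candidates(webroot):
    """Return sorted paths (relative to webroot) that look like backups.

    Directories are reported with a trailing slash and not descended into,
    since everything under a backup folder is covered by that one finding.
    """
    findings = []
    for current, dirs, files in os.walk(webroot):
        rel_dir = os.path.relpath(current, webroot)
        prefix = "" if rel_dir == "." else rel_dir.replace(os.sep, "/") + "/"
        for d in list(dirs):
            if BACKUP_DIR_RE.search(d):
                findings.append(prefix + d + "/")
                dirs.remove(d)  # prune: do not walk inside the backup folder
        for f in files:
            if BACKUP_FILE_RE.search(f):
                findings.append(prefix + f)
    return sorted(findings)


def build_sample_webroot(base):
    """Constructed sample tree used to demonstrate the audit."""
    for path in ["index.php", "css/site.css", "site.zip", "config.php.bak",
                 "db/dump.sql", "backup/index.php", "app_old/main.php", "index.php~"]:
        full = os.path.join(base, *path.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w") as fh:
            fh.write("sample\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_webroot(root)
        for item in find_backup_candidates(root):
            print(item)
```

Each hit is a candidate for review rather than a confirmed exposure: legitimately published archives or pre-compressed assets will also match, so check each one before removing it or restricting access.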

References

https://cwe.mitre.org/data/definitions/200.html
